Wallet Address Validator

About the Wallet Address Validator

Crypto support tickets are dominated by one tragedy: a user pasted an address into the wrong network, lost a character to a screen reader, or trusted a fake QR — and the funds vanished forever, because blockchain transactions are irreversible. This tool runs every cryptographic checksum that the destination network would run if you submitted the address there. Bitcoin P2PKH and P2SH are verified by Base58Check double-SHA-256, Bitcoin SegWit (bc1) by Bech32 / Bech32m polynomial, Ethereum and every EVM chain (BSC, Polygon, Arbitrum, Optimism, Base, Avalanche, Fantom) by EIP-55 mixed-case Keccak-256, Solana by base58 length 32 (Ed25519 public-key check), Tron by Base58Check with 0x41 prefix, Cardano by Bech32, Stellar by CRC16-XMODEM, plus Litecoin, Dogecoin and Ripple.

Everything runs locally — the address never leaves your browser, no API calls, no logging, no analytics on the input field. The tool was built specifically to answer the recurring question 'how do I verify that a deposit address from Block.io or Blockchain.com is a true and acceptable Bitcoin address format' — the answer is: paste it here, see the checksum verdict, the address type (P2PKH single-key vs P2SH multi-sig vs Bech32 SegWit) and the legal reminder list before sending.

How can I tell if a Bitcoin address from Block.io is the same format as one from Blockchain.com?

Both services issue standard Bitcoin addresses that follow exactly the same BIP-13 / BIP-141 / BIP-173 / BIP-350 specifications — there is no proprietary 'Block.io format' or 'Blockchain.com format'. What changes between addresses (regardless of custodian) is the type: P2PKH (starts with '1', single-key legacy, validated by Base58Check), P2SH (starts with '3', script hash that often wraps multi-sig or a SegWit upgrade, also Base58Check), and Bech32 SegWit (starts with 'bc1q' for native SegWit v0, 'bc1p' for Taproot v1, lowercase-only, validated by polynomial checksum). Paste an address from either service into this tool — the 'Address type' card tells you which it is. Both Block.io and Blockchain.com support all three formats; pick the same type at the sender to avoid extra fees, but any-to-any always works on the Bitcoin network.

Does format-validity mean the funds will reach the right person?

No — and this distinction kills more crypto than any hack. Format-validity proves only that the address obeys the cryptographic checksum of its chain, so the transaction will not be rejected by the network as malformed. It does NOT prove (1) who controls the private key, (2) whether the address belongs to the entity you think it does, (3) whether someone substituted a similar-looking address via clipboard-hijacking malware, (4) whether the QR code you scanned was legitimate, or (5) whether the chain you are sending on matches the chain the recipient expects. Always cross-check the first 6 and last 6 characters with the recipient over a second channel (phone call, signed message, official portal), and send a small test transaction first when meaningful value is involved.

Why does the same Ethereum address work on BSC, Polygon, Arbitrum, Optimism and Base?

All these chains are 'EVM-compatible' — they use the same Ethereum Virtual Machine, the same secp256k1 elliptic curve for keys, and the same address derivation (last 20 bytes of Keccak-256 of the uncompressed public key). So a 0x… address is mathematically valid on every EVM chain. But the funds live on the specific chain you sent them on: ETH sent to your address on Polygon is now Polygon-ETH and is invisible on Ethereum mainnet unless you bridge it back. The 'wrong network' mistake is the #1 cause of lost EVM tokens. This tool tells you the address is EVM-compatible; the exchange withdrawal dropdown is what selects the chain — read it three times.

What does EIP-55 mixed-case checksum actually catch?

EIP-55 takes a lowercase Ethereum address, hashes it with Keccak-256, and uses each hex character of the hash to decide whether each address letter should be uppercase (if the corresponding hash digit is ≥8) or lowercase. The encoded uppercase pattern protects against single-character typos: if you transpose two letters or copy one wrong, the case pattern breaks and most wallets will refuse the address. If you receive an address in all-lowercase or all-uppercase, it is still mathematically valid (Ethereum is case-insensitive at the protocol layer), but you lose the typo protection. Always prefer mixed-case EIP-55 addresses when copying from a trusted source. This tool flags 'EIP-55 OK' for correctly cased addresses and 'EIP-55 FAILED' if the casing is wrong, which usually means a transcription error.

What is the difference between P2PKH, P2SH, P2WPKH, P2WSH and P2TR Bitcoin addresses?

P2PKH (Pay to Public Key Hash, '1…' addresses) is the original 2009 format — a single private key controls the funds. P2SH (Pay to Script Hash, '3…') wraps a redemption script: classically used for multi-signature wallets (e.g. 2-of-3 escrow) and for backward-compatible SegWit (the 'wrapped SegWit' addresses you saw between 2017-2021). P2WPKH (Pay to Witness Public Key Hash, 'bc1q…' 42-char) is native SegWit v0 single-key — cheaper to spend, smaller signatures. P2WSH (Pay to Witness Script Hash, 'bc1q…' 62-char) is native SegWit v0 multi-sig or other complex scripts. P2TR (Pay to Taproot, 'bc1p…') is the 2021 Taproot upgrade — privacy-improved multi-sig and smart-contract-style spending that looks like a single key on-chain. This tool labels the exact type so you can verify what kind of wallet (single-key vs multi-sig) holds your deposit address.

Why is the validator fully offline? Could I trust an online API more?

Cryptographic checksum verification is deterministic math — Base58Check, Bech32, EIP-55 and CRC16 all have public specs and the same input always produces the same output, anywhere. An online API would give you exactly the same answer this tool does, plus three risks the offline tool avoids: (1) network failure dropping the result, (2) the API operator logging your address (associating it with your IP, device, browser), and (3) a man-in-the-middle attacker substituting the validation response to trick you into trusting a malformed address. Doing it client-side removes all three. The code is open and visible — your browser's developer tools let you confirm there are no fetch() calls in the validation path.

Which chains and address types are supported today?

Bitcoin: P2PKH, P2SH, Bech32 SegWit v0 (P2WPKH, P2WSH), Bech32m Taproot (P2TR), plus mainnet / testnet detection. Ethereum and all EVM chains: 0x… with EIP-55 mixed-case verification. Solana: 32-byte Ed25519 base58. Tron: T… Base58Check with 0x41 mainnet prefix. Litecoin: L…, M…, ltc1… (Bech32). Dogecoin: D…, A…, 9… Base58Check. Cardano: addr1… and stake1… Bech32. Stellar: G… and M… strkey with CRC16-XMODEM. Ripple: r… base58 (format check only — XRP uses a non-standard alphabet so checksum verification needs the full ripple library). Future additions on request: Monero, Tezos, Cosmos atom1, Polkadot, NEAR, Aptos, Sui.

If the address format is valid but the test transaction never arrives, what could be wrong?

Five common causes ordered by frequency. (1) WRONG NETWORK selected at the sender — most common; the funds are on a different EVM chain than the recipient's wallet expects. Check the explorer for the chain you sent on. (2) Confirmation count not yet met — some exchanges require 3-6 BTC confirmations or 32 ETH confirmations before crediting; wait an hour. (3) Memo / destination tag missing — Ripple, Stellar, Cosmos and a few exchanges require a memo to route deposits to your account; without it the funds sit in the exchange's hot wallet and need manual recovery. (4) Frozen account / sanctions block — the recipient address may be frozen by the exchange compliance team. (5) Smart contract refusing the transfer — sending ERC-20 to a contract that does not implement the receiver interface burns the tokens. Always confirm via the chain's official block explorer using the transaction hash before reporting the funds 'lost'.

Exactly which standards (EIPs / BIPs) does this validator implement?

Each chain is checked against its published standard, not a heuristic. Bitcoin Base58Check legacy addresses follow BIP13 (P2SH '3…' version byte) with double-SHA-256 checksum. SegWit addresses follow BIP141 (witness program, 2-40 byte bounds; v0 must be exactly 20 bytes for P2WPKH or 32 for P2WSH) and the 5-bit→8-bit regrouping rules from BIP143. The address encoding itself is BIP173 (Bech32, witness v0) and BIP350 (Bech32m, witness v1+ / Taproot) — the validator picks the correct polynomial constant (1 for Bech32, 0x2bc830a3 for Bech32m) per witness version and rejects mismatches. Ethereum and all EVM chains use EIP-55 (mixed-case Keccak-256 checksum) computed with the audited ethers.js library; EIP-155 gives the chain-id context that makes the same 0x… address replay-safe across chains. Stellar uses CRC16-XMODEM strkey, Tron uses Base58Check with the 0x41 version byte, and Cardano uses Bech32. Searching any of those standard names (BIP13, BIP141, BIP143, BIP173, BIP350, EIP-55, EIP-155) will land you here.

Can I validate a whole allow-list at once, and how do I prove it never touches the network?

Yes. The Batch panel takes a list of addresses (one per line, or comma/space separated — paste straight from a CSV column) and validates every entry with the same detect() pipeline as the single-address mode, then renders a table with a valid/invalid badge, chain, type and network for each row. Use 'Copy JSON' for a machine-readable audit record or 'Download CSV' (UTF-8 with BOM, opens cleanly in Excel) for your compliance file. This is built for treasury, payroll and exchange-ops teams vetting dozens to hundreds of withdrawal addresses before an irreversible payout run — one corrupted or wrong-chain entry is caught before funds leave. To prove no address leaves your machine: open your browser DevTools → Network tab, clear it, run the batch, and confirm zero requests fire during validation (the only network fetch is the one-time load of the ethers.js library used for the Keccak-256 EIP-55 math, which happens before you paste anything). You can also save the page with Ctrl+S and run the whole tool fully offline / air-gapped — there are no fetch() calls in the validation path and nothing is logged.